Principal Security Engineer- PAN and Panorama (Onsite role)

Calance Consulting Corporation
Charlotte, United States of America
yesterday

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 177K

Job location

Charlotte, United States of America

Tech stack

API
Artificial Intelligence
Amazon Web Services (AWS)
Data analysis
Azure
Cloud Computing
Computer Security
Data Centers
Software Design Patterns
Domain Name System Security Extensions
Intrusion Detection and Prevention
Information Systems Security Architecture Professional
Python
Network Security
Machine Learning
Routing
Network Segmentation
Ansible
Zero Trust Network Access
Security Information and Event Management
Systems Integration
Transmission Control Protocol (TCP)
Software Vulnerability Management
Transport Layer Security
Firewalls (Computer Science)
Information Technology
Palo Alto Networks
Firewall Services Module
Terraform
Security Orchestration, Automation & Response

Job description

Principal Security Engineer Global Firewall Strategy & EngineeringPosition, We are seeking a highly experienced Principal Security Engineer to lead the strategy, engineering, optimization, and modernization of our global firewall infrastructure. This is a hands-on technical leadership role responsible for driving enterprise-wide firewall policy governance, standardization, and operational excellence across a complex global environment.

The ideal candidate will possess deep expertise in Palo Alto Networks firewalls and Panorama, with a proven ability to design scalable security architectures, optimize policy frameworks, eliminate operational bottlenecks, and improve security effectiveness through automation and innovation. This individual will partner with security architecture, infrastructure, networking, operations, and application teams to modernize the organization's firewall posture while maintaining strong security controls and business agility. Additionally, experience leveraging AI-driven security operations, automation, and vulnerability management approaches is highly desirable., Firewall Strategy & Engineering Serve as the technical lead and subject matter expert for the enterprise firewall environment. Design, implement, and maintain global firewall standards, policies, and governance processes. Lead enterprise-wide firewall policy standardization initiatives across multiple regions, business units, and environments. Establish scalable firewall design patterns that support cloud, data center, and hybrid infrastructures. Drive continuous improvement of firewall architecture, security controls, and operational processes. Policy Management & Optimization Own firewall rule lifecycle management, including design, implementation, validation, and ongoing maintenance. Develop and maintain policy sequencing strategies to improve performance, manageability, and security effectiveness. Perform rule reviews, policy tuning, cleanup, and recertification activities. Identify redundant, orphaned, shadowed, and overly permissive firewall rules. Implement best practices for change management, policy governance, and compliance requirements. Security Analysis & Modernization Analyze firewall environments to identify gaps, risks, inefficiencies, and operational bottlenecks. Conduct assessments and develop strategic roadmaps to modernize firewall operations and architecture. Drive the adoption of advanced security capabilities including application-based policies, threat prevention, DNS security, SSL inspection, and zero-trust principles. Partner with architecture and engineering teams to improve segmentation and security posture across the enterprise. Automation & AI Innovation Evaluate and implement automation opportunities to improve firewall operations, policy deployment, compliance reporting, and vulnerability remediation. Leverage AI, analytics, and machine learning technologies where applicable to streamline security workflows and enhance operational efficiency. Identify opportunities to reduce manual effort through intelligent automation and infrastructure-as-code methodologies. Collaborate with vulnerability management teams to automate risk-based remediation and policy recommendations. Leadership & Collaboration Act as the senior technical advisor for firewall engineering initiatives and strategic security programs. Mentor engineers and provide technical guidance on firewall and network security best practices. Work closely with network engineering, cloud, infrastructure, security operations, and compliance teams. Influence enterprise security standards and contribute to long-term cybersecurity strategy.

Requirements

Bachelor's degree in Information Security, Computer Science, Engineering, or equivalent experience. 10+ years of experience in network security engineering within large-scale enterprise environments. 5+ years of advanced experience with Palo Alto Networks Firewalls and Panorama.

Deep expertise in: Firewall policy design and implementation Security policy optimization and sequencing Network segmentation Threat prevention technologies Enterprise security architecture Multi-site/global firewall deployments

Strong understanding of: TCP/IP networking Routing and switching Network security architectures Hybrid and cloud networking models Zero Trust security frameworks

Experience leading enterprise security modernization initiatives. Strong analytical, troubleshooting, and communication skills. Ability to translate technical findings into strategic recommendations for leadership. Preferred Qualifications Experience with firewall automation using APIs, Python, Ansible, Terraform, or Infrastructure-as-Code solutions. Experience integrating security controls with cloud platforms including AWS, Azure, or GCP. Knowledge of vulnerability management platforms and risk-based remediation processes. Experience leveraging AI-driven operational efficiencies within cybersecurity programs. Familiarity with security analytics, SIEM, SOAR, and security automation technologies.

Benefits & conditions

3.63.6 out of 5 stars Charlotte, NC 28105 $70 - $85 an hour - Temp-to-hire

Apply for this position